Security News

Known as BlueLeaks, the info trove consists mostly of crime intelligence material uploaded to what are known as fusion centers. Created in the aftermath of the September 11 terror attacks, serve as a way for state and county cops to share information with one another and with the FBI and US Homeland security.

Hundreds of thousands of files belonging to more than 200 law enforcement organizations across the United States have been leaked online after they were stolen by hackers from a web development company. The leak, dubbed BlueLeaks, includes information collected and generated by over 200 police departments, fusion centers, the FBI and other law enforcement organizations in various U.S. states.

A group of hacktivists and transparency advocates has published a massive 269 GB of data allegedly stolen from more than 200 police departments, fusion centers, and other law enforcement agencies across the United States. Dubbed BlueLeaks, the exposed data leaked by the DDoSecrets group contains hundreds of thousands of sensitive documents from the past ten years with official and personal information.

It's actually an investment company that wants to make online gaming more fair for players by funding early-stage gaming startups that incorporate blockchain technology in the nascent blockchain gaming industry. The idea, said Craig Russo, the company's director of innovation, is to broaden the appeal and growth of online gaming by giving players tools that allow them to keep those purchases or migrate them for use in other games without having to buy them again.

You know your attack surface don't you? You mapped all of it? Are you sure? How can you map the entire attack surface and prioritise the most important vulnerabilities, when statistics show you are only aware of 70 per cent of it at best, and tools like port scanners pump out lists of IP addresses without any business context or prioritisation?

Personal information of police officers in departments nationwide is being leaked online amid tense interactions at demonstrations across the U.S. over the police custody death of George Floyd and others, according to an unclassified intelligence document from the U.S. Department of Homeland Security, obtained by The Associated Press. Multiple high-ranking police officials in a number of cities, including Washington, Atlanta, Boston and New York have had their personal information shared on social media, including their home addresses, email addresses and phone numbers, the report warns.

Abstract: Democracy Live's OmniBallot platform is a web-based system for blank ballot delivery, ballot marking, and online voting. Three states - Delaware, West Virginia, and New Jersey - recently announced that they will allow certain voters to cast votes online using OmniBallot despite the well established risks of Internet voting, the system has never been the subject of a public, independent security review.

An online voting system approved in three US states is vulnerable to manipulation by hackers and may not protect ballot secrecy, according to an analysis by security researchers. The report comes with election officials scrambling following the outbreak of the coronavirus pandemic to enable remote voting in the November election to limit risks from crowded polling stations.

Half of organizations globally have not established cybersecurity guidelines regarding remote work according to the survey and US remote employees use work devices to access adult entertainment sites more than any other country. In addition to nearly half of respondents sharing their work device with someone else in their home, 36% accessed work applications through a personal laptop or device.

On Saturday, at 10:48 UTC, Sectigo's AddTrust legacy root certificate expired, causing a bit of weekend havoc for thousands of websites and services that rely on it for making a secure TLS/SSL connection. "Generally speaking, this is affecting older, non-browser clients which talk to TLS servers which serve a Sectigo certificate chain ending in the expired certificate," wrote Andrew Ayer, founder of SSLMate, in a blog post.